Intrusion attempts most commonly succeed due to known exploits in outdated Joomla! releases or third-party extensions. It’s imperative for Joomla! administrators to keep the core platforms and installed extensions updated at all times.
If your Joomla! website is hacked, there are steps you can take to recover and protect the site. The quickest solution is to take advantage of SiteLock 911, an emergency malware recovery service delivered by independent security experts.
The service automatically scans your website files and folders, detecting and removing known exploits and suspicious files.
Once your site has been recovered, you should protect the platform with an ongoing service such as SiteLock Shield which supports daily vulnerability scans, automatic malware detection and removal, a web application firewall, basic distributed denial of service (DDoS) monitoring and SSL certification.
With your site fully protected, upgrade the core Joomla! platform and extensions to the latest release by following this HostPapa knowledge base article: How to upgrade Joomla!
Be sure to also read our guide to securing Joomla! which includes practical advice and handy tips for platform administrators: Security checklist for your Joomla! installation
Finally, head to the Joomla! back-end, click the user account icon in the top toolbar (the person icon on the right of the page) and select Edit Account to change your password.
All site administrators should also change their passwords to safeguard the site from future attacks.
For further questions, or if you need help, please open a support ticket from your HostPapa Dashboard. Follow this link to learn how.